contents

meta

A Taste of Computer Security

Introduction81773R-5W337

There are miscreants everywhere — in all domains — from vandals in a representative parking lot to high-profile terrorists on the international scene.

Today, computers are used in all walks of life: they are in your homes, and in various critical domains such as defense, education, finance, government, health care, and so on. This reliance of the world's infrastructure on computer systems, and the consequent pervasiveness of the latter, makes their "security" an issue of great importance.

The security of computer systems is a unique aspect of computing in that it enjoys remarkable attention from all quarters: at least everybody who uses computers cares about security. If you research or design systems, you care about creating mechanisms for providing security. If you are a marketeer or a salesman selling a system, you would need as many security-related bullet-points as you can gather (preferably backed by real technology). If you are an operating system holy warrior, you might find demonstrable security flaws in "other" systems to be excellent warfare tools. Popular media likes the negative, and they have been especially fond of computer security (its downfall, usually), a topic that has been romanticized consistently.

Agenda

Given the nature and scope of the field, it would require one or more books to even briefly touch upon all that is known about computer security. This document's goal is only to give you a taste of (a subset of) the subject. The various sections are not uniform in their depth or breadth, and the document's overall structure is not pedagogical. I could have titled it Thinking Aloud On Computer Security, if not for the somewhat pompous undertone.

Terms and Conditions

It is illegal to republish this document in any form (where "form" includes, but is not limited to, online publishing). You are allowed to make hard copies of this document if you so desire, provided it is for your own personal, non-commercial, and non-business related use.

THIS INFORMATION IS PROVIDED BY THE AUTHOR "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS INFORMATION, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.

Feedback

Please note that this is a first draft and has not yet been reviewed. I will welcome constructive feedback, and will highly appreciate if any errors or misrepresentations are pointed out to me.